<?php 
	
	session_start();
		
	header("Content-Type: text/html;charset=utf-8");

	$conn = new mysqli("localhost", "root", "456789", "mysqlstudy");
	if($conn -> connect_error){
		die("连接失败：". $conn -> connect_error);
	}
	mysqli_query($conn, "set names utf8");
	
	$username = $_POST["username"]; //获取输入的用户名
	$pwd = $_POST["password"];  //获取输入的密码
	$code = $_POST["code"];  //获取输入的验证码

	$code = strtolower($code); //将获取到的验证码转为小写
	$pwd = md5($pwd); //将获取的密码进行md5加密

	$sessionCode = $_SESSION["code"];  //获取保存在session中的code值

	if($code != $sessionCode){
		$errArr = array("status"=>"no","msg"=>"验证码不正确！");
		echo json_encode($errArr);
	}
	else{
		$sql = "SELECT * FROM tp_user_info WHERE username='" . $username . "' and password='" . $pwd ."'";
		$result = $conn -> query($sql);
		$obj = $result -> fetch_assoc();

		if($obj){
			$okArr = array("status"=>"yes","msg"=>"登录成功！");
			echo json_encode($okArr);
		}else{
			$errArr = array("status"=>"no","msg"=>"用户名或密码不正确！");
			echo json_encode($errArr);
		}
	}


	/*$arr = array("username"=>$username, "password"=>$pwd, "code"=>$code);
	echo json_encode($arr);*/


	
?>